Memory Corruption Vulnerability in Qualcomm GPU Micronode
CVE-2025-21480

8.6HIGH

Key Information:

Vendor

Qualcomm
Status
Snapdragon
Vendor
CVE Published:
3 June 2025

Badges

👾 Exploit Exists🟣 EPSS 12%🦅 CISA Reported📰 News Worthy

What is CVE-2025-21480?

A vulnerability has been identified in Qualcomm GPU micronode that allows unauthorized command execution, potentially leading to memory corruption. This issue arises from certain command sequences not being properly secured, granting attackers the opportunity to manipulate memory states. Users of affected Qualcomm GPU technologies are advised to follow best security practices and stay updated with vendor patches.

CISA has reported CVE-2025-21480

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2025-21480 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace

The CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Affected Version(s)

Snapdragon Snapdragon CCW AQT1000

Snapdragon Snapdragon CCW FastConnect 6200

Snapdragon Snapdragon CCW FastConnect 6700

News Articles

favicon imageZDNET

Qualcomm patches three exploited security flaws, but you could still be vulnerable

Device manufacturers must still apply the critical updates to their individual products, but we're not out of the woods yet.

14 hours ago

favicon imageCISA (.gov)

CISA Adds Three Known Exploited Vulnerabilities to Catalog | CISA

CISA has added three new vulnerabilities to its KEV Catalog, based on evidence of active exploitation

22 hours ago

favicon imageIndia Today

Qualcomm fixes multiple zero-day chip flaws after Google warns of active exploits by hackers

Qualcomm has patched three serious zero-day flaws in its Adreno GPU driver after Google warned of active exploitation by hackers. Users are urged to update their devices as soon as possible.

1 day ago

References

https://docs.qualcomm.com/product/publicresources/securit...

EPSS Score

12% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
8.6
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • 👾

    Exploit known to exist

  • 🦅

    CISA Reported

  • Vulnerability published

  • 📰

    First article discovered by CybersecurityNews

  • Vulnerability Reserved

.
CVE-2025-21480 : Memory Corruption Vulnerability in Qualcomm GPU Micronode